Bug Fixes
This maintenance release of Itential Platform 2023.2.29 includes fixes for bugs that were reported to Itential Product Support.
| Key ID |
Release Note |
| ENG-18195 |
Fixed: Input parameter schema in the doProvision workflow task now correctly defines the params property as an object instead of an array, resolving schema validation errors and task execution failures. |
| ENG-16275 |
Fixed: Integration deletion now works correctly. Resolved an issue where attempting to delete an integration caused the screen to go blank when the confirmation dialog appeared. |
| ENG-11487 |
Fixed: Updated Scheduler to use new task data references. The Scheduler now properly creates task documents with reference pointers to data collections, matching the updated task architecture implemented in 2023.2. |
| ENG-4564 |
Fixed: Job variables now display correctly in the job view UI. Resolved an issue where job variables appeared empty in the 2023.2 job view interface. |
Improvements
This section highlights quality improvements to Itential Platform's functionality in this maintenance release.
| Key ID |
Release Note |
| ENG-18005 |
Added Inventory Manager to the Platform sidebar navigation, making it accessible directly from the main Platform interface. |
Security Changes
This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.
| Key ID |
Release Note |
| ENG-18115 |
Resolved a security vulnerability in the qs package (CVE-2025-15284) within JST Designer. The vulnerability allowed attackers to bypass array limit protections and exhaust server memory through malicious HTTP requests containing excessive bracket notation parameters. Upgraded to patched version to enforce proper array limits and prevent denial-of-service attacks. For more information, see SNYK-JS-QS-14724253. |
| ENG-18105 |
Resolved a security vulnerability in the qs package (CVE-2025-15284) within Itential Platform core. The vulnerability allowed attackers to bypass array limit protections and exhaust server memory through malicious HTTP requests containing excessive bracket notation parameters. Upgraded to patched version to enforce proper array limits and prevent denial-of-service attacks. For more information, see SNYK-JS-QS-14724253. |
Automation Platform Versions
| Component |
Version |
| @itential/adapter-automation_gateway |
4.31.4-2023.2.8 |
| @itential/adapter-azure_aaa |
1.7.5-2023.2.2 |
| @itential/adapter-email |
4.2.20-2023.2.0 |
| @itential/adapter-ldap |
2.14.3-2023.2.3 |
| @itential/adapter-local_aaa |
4.5.2-2023.2.0 |
| @itential/adapter-nso |
7.9.4-2023.2.20 |
| @itential/adapter-radius |
2.2.2-2023.2.0 |
| @itential/app-admin_essentials |
5.4.10-2023.2.25 |
| @itential/app-ag_manager |
1.20.3-2023.2.11 |
| @itential/app-automation_catalog |
2.13.7-2023.2.6 |
| @itential/app-automation_studio |
4.69.3-2023.2.247 |
| @itential/app-configuration_manager |
3.117.5-2023.2.32 |
| @itential/app-form_builder |
4.15.3-2023.2.8 |
| @itential/app-gateway_manager |
1.7.17 |
| @itential/app-json_forms |
1.42.3-2023.2.27 |
| @itential/app-jst |
1.15.11-2023.2.19 |
| @itential/app-lifecycle_manager |
1.38.4-2023.2.17 |
| @itential/app-mop |
6.21.1-2023.2.19 |
| @itential/app-nso_manager |
2.25.2-2023.2.5 |
| @itential/app-operations_manager |
1.215.10-2023.2.83 |
| @itential/app-service_catalog |
3.14.1-2023.2.3 |
| @itential/app-service_management |
3.0.2-2023.2.3 |
| @itential/app-template_builder |
2.9.1-2023.2.9 |
| @itential/app-workflow_builder |
5.55.2-2023.2.25 |
| @itential/app-workflow_engine |
11.9.6-2023.2.68 |
| @itential/database |
2.2.0 |
| @itential/iap-ui |
1.14.3-2023.2.12 |
| @itential/itential-utils |
3.3.7 |
| @itential/logger |
4.5.0 |
| @itential/network |
4.2.4 |
| @itential/pronghorn-core |
15.8.10-2023.2.113 |
| @itential/search |
1.3.3-2023.2.0 |
| @itential/service |
3.4.0 |
| @itential/tags |
3.2.2-2023.2.0 |